Security Advisory: UniFi Vulnerability

Security Advisory: UniFi Vulnerability

Security Advisory: UniFi Access Points and Switches Vulnerability (CVE-2023-38034)A newly detected vulnerability, tagged as CVE-2023-38034, has spotlighted potential risks in the DHCP Client function of UniFi Access Points and Switches. This piece will outline the critical aspects of this vulnerability, its implications, and proactive steps to address the risks.Insight into CVE-2023-38034The DHCP Client function in UniFi Access Points and Switches has surfaced a significant vulnerability, identified as CVE-2023-38034. This loophole potentially allows Command Injection - a technique enabling unauthorised users to run arbitrary code from afar. Its severity is underlined by its capacity to provide attackers with unauthorized Remote Code Execution (RCE), jeopardizing the systems in question.Affected ProductsThis vulnerability affects specific UniFi devices:

• UniFi Access Points (Up to Version 6.5.53)
• UniFi Switches (Up to Version 6.5.32) excluding the USW Flex Mini model.

Users of these devices are urged to evaluate their systems and implement needed security measures. Potential Threats Exploiting CVE-2023-38034 could lead to dire consequences. Attackers could utilise this gap to run arbitrary code, facilitating unauthorised entries, data theft, and possible UniFi device compromises. The potential risks span from the exposure of confidential data to system infiltration. Counteracting the Vulnerability To enhance the security of the UniFi systems, prompt actions are indispensable. Recommended steps are:

• UniFi Access Points: Transition to Version 6.5.62 or subsequent updates.
• UniFi Switches: Shift to Version 6.5.59 or later.

Promptly updating the devices to the suggested versions is critical to avoid magnifying vulnerability risks, which can have far-reaching consequences.For further Manufacturer advisory information please visit: community.ui.com/releases/Security-Advisory-Bulletin-035-035/91107858-9884-44df-b1c6-63c6499f6e56

Flotek Response for customers

All managed support customers with Flotek Group cloud controlled access points are in the process of being patched outside of working hours, we will be contacting all customers to inform when this operation will be completed.If you do not have your access points cloud controlled by Flotek, please get in touch with your account manager to discuss seperately.